Is this an April Fool?
I sincerely hope so. Otherwise, time for the Nominet members that want change to contact their MPs, as I previously suggested here:
https://forums.theregister.com/forum/all/2021/03/18/nominet_voting_fears/
Nominet has rejected calls for serious change at the .uk registry operator despite losing its CEO, chairman, and three board members to a membership vote earlier this month. Members were expecting the board to announce the appointment of two caretaker directors to take over as chair and vice-chair after the stunning upset, …
You might be interested to know that our wonderful home-made publishing system lets you schedule when articles go live. Pieces can be written on one day, edited, and queued up to appear any time after.
We use this for various reasons, and the reason here is that Kieren is on the US West Coast and the article is ideal for a UK audience. So for things like this, which isn't breaking news and more analytical, we time it to appear as Britain wakes up and checks its phones and laptops for news.
The homepage is mostly a flow of articles, and people mostly come to us via the homepage. If stuff's published overnight, it can be missed by readers as by the time they glance at the page, the headline is way down under many others. Not a lot of people look beyond the first few rows.
We're coming up with an iteration of the homepage in which important articles aren't lost in the flow, but also that people who want a flow of articles can get a flow of articles.
C.
It is absurd that what should be a simple administrative function, i.e. approving the list of organisations that may register domains in a TLD and the eligibility requirements, should consume so much effort and attention.
It should have been enough to set up the process 20 years ago and just run it. It could have been done by a committee of 2 or 3 people. Not all this organisational overhead and stupid drama.
I don't get it; there's nothing about an 'industry' or 'member' run body that protects the public from market failure, either. The globe is littered with these non-government TLD adminstrations from the US to New Zealand that are captured or dominated by special interests.
There's nothing special about Internet domain name registrars that says they can't be regulated by a small government department, for example. It would be like saying the road rules must be in the charge of a consortium of car manufacturers; that government couldn't be trusted? At least (democratic) governments are accountable to the wider public via the ballot box.
"It is absurd that what should be a simple administrative function, i.e. approving the list of organisations that may register domains in a TLD and the eligibility requirements, should consume so much effort and attention."
When you get to manage as many names as Nominet's registry, that simple administrative function isn't so simple any more. It's far beyond the capabilities of a committee of 2 or 3 people.
The number of people on Nominet's board and management isn't really the problem. It's what those people did and failed to do.
Managing the names is what the registrars do, not Nominet. The number of names doesn't scale the effort for Nominet, the actual work required to perform the core role is minimal; a name is a few rows in the database and maybe around kilobyte of storage.
Why else do you think they were trying to come up with other ventures to spunk the cash on and justify their existence? It's an absolute gravy train. Instead, the Nominet portion of the fee should be 10p and any surplus should be given to a proper charity like WWF or something.
"The number of names doesn't scale the effort for Nominet, the actual work required to perform the core role is minimal..." (@sbt)
This ^^. The board sets the rules for others to follow. The number of "others" doesn't matter. Occasionally, new rules might be needed, hopefully proactively, to deal with new situations. This isn't hard work.
NB: I have this regularly at work - "Oh, no! We've got more students! Now I need to change all my materials!!!" Me: "Why? It doesn't matter whether you are lecturing/providing tutorials to 50 or 500. The only thing you need to do is make sure you have the ability to mark the extra papers in the time allowed, so find a good PhD student."
You seem unaware of what a registry does. It manages a register of domain names: who registered which names, when the names expire, which DNS servers they use, what DNS data goes into the TLD, what info is published in whois, etc. Management of domain names is done by registries and registrars.
.uk has around 10 million names. If you can fit that and the related metadata into "maybe around kilobyte of storage", please enlighten us.
My estimate was per name. I wrote:
a name is a few rows in the database and maybe around kilobyte of storage
So a DB (or DBs) totalling ~10GB if both our estimates are in the ballpark.
Again, it's the registrars that deal with registrants over expiry, whois data, etc. They just push updates to the registry. The registry itself doesn't need a lot of staff to manage this DB since it doesn't deal need to deal with registrants directly for the most part; updates can be submitted via APIs. The registry doesn't need to run call centres, or provide a Web admin console for DNS or whois, etc. for registrants. Some registries handle escalated eligibility disputes, sure.
However, any such work has no policy-making implications; you can just employ staff that follow processes laid down 20 years ago to do it. Or out-source the technical stuff.
Yes, registrars deal with registrants. Registries deal with registars (mostly). Which means they manage the registration life-cycle - add/renew/delete/update/transfer - in accordance with the registry's policies. That's domain name management too - it's just different management from the stuff you explained that registrars generally handle. Although registry stuff may well be automated, it does need human intervention and oversight.
Registries have to provide customer and technical support to registrars. And deal with these requests from registants too. While I was waiting in the foyer of one registry, the receptionist was fielding calls from registrants wanting the registry's help to configure BIND or debug why email for their new domain name wasn't working. Those questions should have gone to the registrar of course. But they didn't.
Registry policies are not fixed. They have to change from time to time because the domain name business changes - the impact of GDPR or the introduction of DNSSEC for example. Whatever policies that were in place at Nominet (or some other registry) 20 years ago will be different today. IIRC Nominet's registrars relied on email and a shell script to register domain names ~20 years ago. Nowadays they mostly use EPP. This means registry policy can't be a "fire and forget" thing. That requires policy-making machinery and people to run it.
Oh and outsourcing the technical operations also requires staff. Somebody needs to write and negotiate the contracts, verify the contract terrns are being met, make sense of the reports the outsource provider generates, issue RFPs every year or two, etc, etc.
And that receptionist simply said, to every caller who was confused, "Sorry [Sir/Madam], you'll need to take that up with the people you are actually paying money to for your domain hosting, email and server hosting." You can parallel that up fairly well, fairly easily.
There's no need for much of the cruft of Nominet, and they are clearly not fit for purpose.
That's mostly driven by registries trying to think up new ways to make money. If they'd have just focused on necessary security and legal changes, a small committee meeting every few months could have kept up. As long as they didn't keep kicking the can down the road like ICANN with GDPR.
Anyway, a lot of these changes are in no way unique to a particular TLD or ccTLD; DNSSEC is more like work for the IETF. Individual registries ought to be leveraging the collective approaches from other registries rather than re-inventing the wheel. Registry operations/technical platform would be well suited to a white-boxing approach given the fairly universal registry operations modelled by ICANN. DNSSEC still lacks critical mass.
It's not like there's been any real revolution in the provision of name services; the suite of record types is largely unchanged; spoofing is still an issue. But solving the problems with DNS isn't really the role of the registries anyway. They've got a small remit in the grand scheme of the Internet. DNS has been declining in importance ever since the dawn of the search engine and Web browser bookmarks and people no longer need to remember domain names or type them in. Also not helped by the concentration of Web to a few well known sites like FB, Twitter, Google, etc. And the attempted proliferation of new TLDs by ICANN but with massive costs attached just to make them richer.
If registries were actually dealing with the hard problems of identity, authorisation and authentication on the Internet, I'd have more sympathy, but they're not; most don't have any kind of real person or organisation requirements for registrants. Have you got a credit card? Great, here's a domain.
If you're still not convinced, just look at Nominet's focus on things other than DNS; it's clear from their own conduct they had more financial and other resources than they needed to operate a TLD registry. QE fucking D.
This post has been deleted by its author
DNS has been declining in importance ever since the dawn of the search engine and Web browser bookmarks and people no longer need to remember domain names or type them in.
You're right to say end users don't give a shit about DNS. They never did. And nowadays they don''t see domain names any more. They don't need to know or care about that, just like few of us need to know or care how our homes are supplied with water, electricity and so on.
The trade in domain names is declining in importance. That's not true for DNS. It's still there in the background making every tweet, web visit, email, VoIP call, cat video, etc possible. Try switching it off on your network and see how far you get.
@"Try switching it off on your network and see how far you get."
The automation provided with DNS was sufficently handy to remove the historical need for maintaining local hosts files but if DNS no longer works for the common benefit then every OS still supports host file resolution. a quick IP based FTP to get a copy of latest hosts file and the user is set, so no, in reality the web can live without DNS the registratars are the ones that cannot live without the internet users.
When you look at the problems with the internet and how many of these internet abuses use dns against webusers then do you really want to continue funding the system
Those that wish to publish need some way for users to find their site, at the moment DNS registration is enough but it comes with an unreasonable price for everyone else.
If enough people stopped using DNS for resolution then publishers will cooperate with whatever resolution service replaces it because being known is their bread and butter and it must be said they have a history getting into bed with just about anyone
"DNSSEC is more like work for the IETF"
Adoption of DNSSEC means changes to TLD registry policies - getting the child's KSK to the registry, how/if the registry checks that KSK, which algorithms are supported, etc. Then there's the DNSSEC policy for the TLD itself - key lengths, signature duration, KSK and ZSK rollovers, etc, None of these things are static. They change because the risks and threats change, the IETF invents new stuff, new crypto comes along and so forth. Which means registry policies sometimes need to change too.
Their, collective, action shows that they have something to hid, potentially fraud...
So it would seem they all live on planet "self-preservation at any cost".
There are only two options: first, if there is any evidence, to engage the fraud squad, second call a second EGM to nuke the board.
@"On which planet do these Nominet board members live?"
The same corrupt one that you live on put the thieves into power.
Whilst corruption continues to be rewarded without any sign of punishment then those that have no shame will do what they like against you.
Either every election is fixed or you guys keep voting to be abused
As my eyes descended through Kieren's latest update the more my eyebrows rose ... shortly thereafter my jaw joined in and descended, ultimately hitting the floor when I reached the bit about Eleanor Bradley (recently been removed from the board) now being appointed as interim CEO. Talk about waving two fingers at the membership!
I wonder if this might act as a catalyst for EGM number 2 (similar to the way the shutdown of the Nominet forum during the AGM seemed to have been the final straw last time)
Of course where money is involved those currently in control are unlikely to depart voluntarily ... I fear this may be a long slog to drain the swamp, let us hope Public Benefit are up for a further fight
Yes. Everybody reading this who owns .uk domains should do this. It's likely another vote is coming and anything we can do to increase the power of those registrars supporting it is going to help. Nominet has already had experience losing one vote and really doesn't want to repeat it, so they're likely to bring out as many methods as they can next time. In fact, if you don't have .uk domains, still move them to someone who supported this vote because they're likely to be better serving your interests if the domains you hold have a similar experience. All my domains are with a supporter. If you would like to see a list of options, consult the publicbenefit.uk home page.
According to the the public benefit website, Tsohost are in the GoDaddy fold, who voted against it. There's a lookup tool on there where you can check.
I've had good experience with Namecheap myself, though a friend said they've a rep for hosting spam domains. I figure any sufficiently large registrar probably has issues with that one. *shrug*
A number of people here recommend Mythic Beasts*. They seem fine to me but I only have a couple of domains so be guided by those who have more.
* After I'd signed up it turned out that I'd the guys responsible through another forum - which I counted as being in their favour.
I was also with tsohost and asked the same question after the last article - moved to Gandi.net last week. It seems very nice, the DNS control pane is a massive improvement too.
Virtually every scam I've seen has involved a domain purchased via namecheap. I realise as a registrar they're a long way back in the queue of people to hold responsible, but wouldn't touch them myself.
So we basically have the same regime as 2 weeks ago, just Russell (CEO) and Mark (Chair) not there.
I completely disagree with the delay (or ultimate obstruction) over appointing Sir Michael as Chairman and Axel as director, which were integral parts of the Public Benefit campaign, which virtually 500 members signed up for.
But to be quite clear, the personnel now on the Board (and the new interim CEO) are the personnel who had been waving through the policies of Mark and Russell - without any public contradictions - and this regime and its policies have just been massively called out at the EGM, with a huge loss of Trust and Confidence.
Does Rob’s statement today engender trust, confidence, that this isn’t just the previous regime regrouping and playing for time?
On the flip side, they are gambling that a 2nd EGM won’t be called, because the win at the 1st one was too borderline.
That is the factor Simon Blackler will face as well of course.
In principle, I’d like to see the entire Board dismissed by the members, at which point, members have power and a company obligation to appoint at least one director to keep the company legal. That’s the nuclear option.
However, a second passed resolution of that kind would not be certain.
I personally feel sad that Rob (acting Chair) and the Board have missed an opportunity here - a common-sense opportunity - to appoint Sir Michael as quickly as they have appointed Ellie Bradley (Board evictee and interim CEO), to demonstrate a willingness to walk the walk of change, and not just talk the talk. That would have engendered trust that they were sincere in their ‘Road to Damascus’ conversion. It was possible to do.
As before, they seem to be listening only to the bits they want to hear. The first change hundreds of members called for was the replacement of Mark with Sir Michael. Instead, we have a vacuum of trust and a vacuum of trusted leadership.
Instead, the effect will be continuing loss of trust and confidence. This could lead to further instability for the company. Implicit in today’s announcement seems to me to be the desire to block Sir Michael’s appointment and the level of radical change last week’s EGM was called for.
Sure two fall guys in particular have gone - Russell and Mark - but today we were very much witnessing the same regime re-building itself. I have no trust in this Board’s intended direction. I will speak, and have spoken, to individuals on the Board and members of staff. But as things stand, unless individuals speak out (which they still may do) they will be tarnished with the same opprobrium lavished on Mark and Russell. From their reportedly ‘unanimous’ collaboration in the demonisation of the Public Benefit initiative, they never wanted the proposed changes and were vehemently opposed to what Public Benefit was requesting: Change of leadership right at the top. And everything that would follow from that. This 'remnant' Board rubber-stamped the policies Mark and Russell were kicked out for. None of them have earned trust. All of them have been a part of a regime that was gralloched last week.
To re-shape a quote by (I think) David Cameron: “they are all in this together”.
"or Companies House get brought in"
Why do you keep banging on about Companies House?
You've been told many times that (a) they're not a regulator; (b) they have no enforcement powers; (c) they do not intervene in boardroom disputes and can't do that even if they wanted to; (d) their mission is to operate a registry of company info - a job they do badly.
How about you take your complaints about Nominet's board to Companies House and let us know how you get on?
It's very simple. Companies House are the regulator for listed companies. Nominet, like any other company has to follow the Companies Act.
Like most people here I don't have any standing to take this sort* of complaint about Nominet to them, the members do. They'll have to exhaust other options first.
* I have, in the past, set them onto a business sticking "Ltd" after its name when it wasn't. The business had brought it on themselves by keeping sending me spam.
You still don't get it. Of course Companies House maintains the register of disqualified directors. That's part of their remit of publishing info about UK companies. It doesn't make them a regulator.
The courts decide who gets disqualified, not Companies House. They just update their database whenever a court tells them to do that.
"Companies House are the regulator for listed companies."
Who told you that? Not legislation or government statements or academic research. Was it in a newspaper article somewhere - the Daily Spurt maybe? Do you think you saw it on Wikipedia once?
It's a registrar. It's not a regulator.The difference matters.
"Like most people here I don't have any standing to take this sort of complaint about Nominet to them"
Bullshit!
Any member of the public can report any crime or make a complaint to the appropriate authorities. Which in this case is NOT Companies House.
Just think about what you said. If you saw somebody nicking tat from Asda, would you say and do nothing because you're not an Asda shareholder?
"or Companies House get brought in."
That's an empty threat which would only convince the Nominet board that their critics are ignorant and incompetent. It's bad enough that you might mislead people into thinking it's realistic, but you just did something even worse. You called it "the only option other then giving up".
Whose side are you on?
1. The Garratt Report was fiddled and board members are still setting their salaries without members’ consent (because first draft was subject to requested editorial amendments by the board)
2. The Lyons Report was ignored.
3. The .uk consultation was ignored
What is the reason behind these failures? Same people in charge - CEO Bradley has been in power for 25 years, and now Godaddy (its biggest customer) closely behind pulling strings.
Enough!
Dear Member “the only way to do so is for us to be as open and candid as we can” quote Rob Binns.
In this new climate of openness a good start would be to revealing Russell Haworth’s and Mark Wood’s payoff packages. Also, all the directors remuneration packages and bonus structures.
In fact, opening up the books regarding all the money poured down the drain for failed projects for which the Board members were paid bonuses would be an even better start.
This post has been deleted by its author
Oftel? Perhaps you meant Ofcom.
No matter. Putting .uk in government hands (or Ofcom's) would be an epic, epic fail. Just think what would happen: outsourcing to Crapita, Dildo Harding as registry CEO, Boris's cronies on the board, 10K+/day consulting contracts for Deloitte, etc, etc. At best .uk would end up being run by people who were even more out of touch and had their snouts buried much deeper in the trough.
This post has been deleted by its author
I would like to know who appointed Nominet to be in charge of the UK domain registration. If it was some sort of official body, perhaps they should be pressed to reconsider.
If no-one specifically appointed them, is it now time for Ofcom to look into whether this vital national resource should remain in the hands of such a corrupt, self-serving organisation?
We - the UK Internet community - put Nominet in charge of .uk. Nobody else was involved in that decision.
Handing over .uk to some other organisation is an option. But be careful what you wish for. Nominet's core registry operations are rock-solid. They've not been affected in any way by the current or previous boardroom fights. That could be put at risk if they have to be moved elsewhere. And who's to say if new owners would be less greedy, more accountable, more transparent, etc than a reformed Nominet that was responsive to its members?
Ofcom has no powers to intervene. UK does not regulate the Internet - apart from trying to stop kids frorm accessing porn sites.
Ofcom has no powers to intervene. UK does not regulate the Internet - apart from trying to stop kids frorm accessing porn sites.
It does, and government has been increasing the amount of regulation over the years. Generally Ofcom's interventions are when there's market abuse, failure, or disputes. I think functionally (and in a regulatory sense), Nominet's the equivalent of Ofcom administering the telephone number space*. So I think it could intervene, especially if there's a perceived risk of instability in the .uk namespace, as that's arguably critical national infrastructure.
But there'd be a bunch of legalese to figure out the practical and legal limits to intervention. Instructing on operational stuff is something it does already, eg issuing decision notices instructing operators to play nicely with others. Instructing Nominet to change it's board or articles, or even a decision to nationalise Nominet would get a lot more complex.
*Something Axel probably knows a lot about, ie previous suggestions that countries should administer 'national' resources like UK IP addresses. Which would have been nice from a routing/traffic management perspective, but a huge bag of worms. Hence why such stuff has been left to the RIRs, despite the occasional government desire to 'manage' stuff.
So I think it could intervene, especially if there's a perceived risk of instability in the .uk namespace, as that's arguably critical national infrastructure.
Ofcom has no authority to intervene. Those powers belong to the Secretary of State at what is currently DCMS. Read clauses 19-21 of the 2010 Digital Economy Act.
I think those powers would only get exercised for something *really* bad - for instance if Nominet was about to go bust or DNS for .uk had a serious outage.
So Eleanor Bradley, one of the board members to be fired by the members becomes CEO. Remember she promoted the idea of a £20 reg fee for the proposed .uk domain (see BBC link below) and told the BBC it was "not a money making exercise". Of course not!! - thankfully the members stood against that idea but the extension was still rolled out, and the board members pay and bonuses rocketed since that time.
https://www.bbc.co.uk/news/technology-19767014
Anyone who didn't see this coming? Anyone? Bueller? Bueller?
Not that being booted out for incompetence has ever really hindered the career of people with enough connections on the old boy network, but given Nominet's intransigence on the EGM procedures and votes it was always likely they were going to do whatever they wanted until they are forced out.
Indeed. The RIPE NCC's membership is spread over 74 countries, very diverse, and perhaps a little easier to keep at an arm's length overall. Nominet is subject to UK laws, and just one government. It is essential to keep those stakeholders "reasonably happy", while being accountable directly to its membership. I believe very strongly in bottom-up industry self-regulation.
Ah, look at all the lovely people!
Ah, look at all the lovely people!
Eleanor Bradley
Picks up her seat on the board where a vote has been
Lives in a dream
Waits at the window
Wearing the face that she keeps in a jar by the door
Who is it for?
All the lovely people
Where do they all come from?
All the lovely people
Where do they all belong?
With thanks to Paul McCartney for the inspiration.
Having just completed my yearly compulsory anti-fraud training, I can say with confidence that this this is fraud 101 behaviour.
Smells like the board might be covering something, and they are in that together. Do they use Ernst & Young as their accountants? I've heard they are good at cooking books.
This post has been deleted by its author